A recent report has it that a cybersecurity firm recently discovered that over 700 libraries of the famous programming language, Ruby, have been infected with Bitcoin-stealing software.
This latest occurrence was made known by a Cambridge-based ReversingLabs, Massachusetts in a blog post about two days ago.
According to the report, hackers inserted malicious files inside a package manager named RubyGems. This package manager is normally used to upload and share the performances and improvements on existing pieces of software.
The report further stated that the hackers were attempting to trick developers into downloading malware with a method known as “typosquatting”, consisting of malicious packages with similar names to normal ones.
The hope of the hackers lied on a developer making a download of the infected package by mistake, which will expressly give the hackers access to their system.
As soon as the hackers gain entrance, the malware will execute a malicious script that starts an infinite loop meant to lay hold of a user’s clipboard data, which will then redirect all subsequent cryptocurrency transactions to the hackers’ designated wallet address.
However, the hackers’ efforts and preplanned perpetration were said to be unsuccessful. It has now become too late for the hackers, as the cybersecurity firm got in touch with RubyGems as soon as the attack was detected, resulting in the removal of the infected files.
A part of the report reads thus:
“The perfect candidate to succumb to this type of ‘spray-and-pray’ supply chain attack is a Ruby developer whose environment of choice is a Windows system that’s also periodically being used to make Bitcoin transactions. A rare breed indeed.”
Assuming the attack was successful, it could have been so devastating for RubyGems, due to its numerous packages with relatively 49 billion downloads, which has always been the target for hackers that are interested in stealing digital currencies.
HeraldSheets.com produces top quality content for crypto companies. We provide brand exposure for hundreds of companies. All of our clients appreciate our services. If you have any questions you may contact us. Cryptocurrencies and Digital tokens are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by our authors and the views expressed in them do not reflect the views of this website. Herald Sheets is not responsible for the content, accuracy, quality, advertising, products or any other content posted on the site. Read full terms and conditions / disclaimer.